Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft
File:                     2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft (raw, json)
Hash identifier:          N4zo9xA0KBMkq/yYBkal7yAF85TilniKaqBRhx+MQSY=
Subject key identifier:   2E:38:45:B9:1F:B0:05:E1:20:BD:B6:16:18:24:ED:28:DF:2F:9F:1A
Authority key identifier: D9:B2:28:11:DF:86:12:3D:71:AF:5B:99:8A:21:0C:23:EB:1D:5E:FA
Certificate issuer:       /CN=d9b22811df86123d71af5b998a210c23eb1d5efa
Certificate serial:       0197B6A19F8C7C79B0BB83DE60B7C9C9E0AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2bIoEd-GEj1xr1uZiiEMI-sdXvo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft
Manifest number:          0EF2
Signing time:             Sat 28 Jun 2025 13:02:14 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:14 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:14 +0000
Files and hashes:         1: 2bIoEd-GEj1xr1uZiiEMI-sdXvo.crl (hash: tq0NaMNnB47iwsTVdppRhbLZQpYT6g9NYwxLiQNBD/A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2bIoEd-GEj1xr1uZiiEMI-sdXvo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:9f:8c:7c:79:b0:bb:83:de:60:b7:c9:c9:e0:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9b22811df86123d71af5b998a210c23eb1d5efa
        Validity
            Not Before: Jun 28 13:02:14 2025 GMT
            Not After : Jun 29 13:02:14 2025 GMT
        Subject: CN=2e3845b91fb005e120bdb6161824ed28df2f9f1a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:31:cc:ec:b4:97:a4:d2:f9:86:8e:d1:d9:c1:
                    3d:e2:e8:c0:5d:68:b8:4c:fb:c9:67:86:a2:43:1f:
                    1e:86:85:0e:52:f3:36:9a:24:32:a0:be:13:18:b1:
                    bd:1d:59:5e:02:50:1d:a3:8a:f6:ea:c8:c7:6b:07:
                    ce:23:b9:f0:e9:65:ff:f4:30:45:de:90:da:76:e8:
                    10:9c:da:07:39:76:0c:7c:62:3c:d5:66:d4:79:39:
                    2b:50:82:e7:b4:c2:09:cc:c0:6c:f3:ef:19:ae:08:
                    e2:66:ba:94:3d:af:0e:bb:31:d7:b9:04:04:18:0a:
                    7b:19:98:4b:4b:43:58:70:22:8a:32:d3:71:5c:97:
                    8f:8d:3a:9a:e1:33:51:be:79:55:6a:2a:da:1f:27:
                    86:e7:af:be:90:ae:d1:e2:ba:60:4e:d6:db:ca:71:
                    59:ab:c4:ec:6b:f9:6c:91:1d:af:24:cf:cf:66:ff:
                    7c:fe:5e:32:f9:cd:4f:80:06:de:4e:42:15:0a:2c:
                    a9:e5:0c:e4:a0:10:50:12:2b:62:b0:03:cd:ae:5e:
                    69:98:e4:a0:9d:6a:6a:fe:c9:8c:a4:a9:68:f8:3a:
                    77:28:39:fe:bd:fc:20:c5:31:8a:ad:42:44:b6:be:
                    a0:4b:bb:d5:a8:6f:8e:1f:38:d8:cb:79:57:94:91:
                    83:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:38:45:B9:1F:B0:05:E1:20:BD:B6:16:18:24:ED:28:DF:2F:9F:1A
            X509v3 Authority Key Identifier:
                keyid:D9:B2:28:11:DF:86:12:3D:71:AF:5B:99:8A:21:0C:23:EB:1D:5E:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2bIoEd-GEj1xr1uZiiEMI-sdXvo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:6c:c1:0a:30:e4:82:ac:f4:92:14:f7:7a:1e:ed:33:ee:8b:
         20:7c:1f:3d:95:3c:05:3b:33:1e:e3:3c:68:18:e5:65:ed:03:
         11:a5:4c:b7:fc:a5:49:90:2f:dc:b1:5b:36:91:2b:20:3a:31:
         f4:e4:4d:5e:f4:04:1b:2a:34:84:4e:81:92:2d:90:3d:38:d7:
         68:df:4c:c0:8b:f0:12:2c:27:21:ca:a7:35:9e:6d:51:fb:4a:
         2e:25:d9:f4:a2:82:ef:33:26:35:3f:ea:1c:68:f2:dd:f9:0a:
         b2:a6:d1:24:4d:87:61:b7:20:6d:c7:8f:1d:e5:9b:0e:a6:ff:
         52:cd:59:20:b7:22:62:9a:4e:a6:af:9a:ee:16:6a:4e:7f:21:
         7f:d2:05:cd:8e:9b:c3:b2:84:91:7c:b3:3a:84:f8:17:67:c0:
         c6:ff:1e:e0:dd:c1:e5:ed:60:68:6a:21:19:03:a7:e8:3a:c1:
         d4:a8:c2:9d:28:21:81:f2:76:54:35:3c:3f:29:86:d5:d2:cb:
         9f:aa:1f:3c:ac:08:6d:75:f5:52:39:77:e8:2a:f8:e6:eb:0c:
         fa:22:88:c9:f6:05:cd:da:1c:b6:6f:76:34:09:c2:d3:56:7b:
         4d:3d:3e:2e:36:b5:aa:36:cc:83:91:62:7f:7f:af:13:5f:a5:
         72:60:24:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oZ+MfHmwu4PeYLfJyeCuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YjIyODExZGY4NjEyM2Q3MWFmNWI5OThhMjEwYzIzZWIx
ZDVlZmEwHhcNMjUwNjI4MTMwMjE0WhcNMjUwNjI5MTMwMjE0WjAzMTEwLwYDVQQD
EygyZTM4NDViOTFmYjAwNWUxMjBiZGI2MTYxODI0ZWQyOGRmMmY5ZjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1THM7LSXpNL5ho7R2cE94ujAXWi4
TPvJZ4aiQx8ehoUOUvM2miQyoL4TGLG9HVleAlAdo4r26sjHawfOI7nw6WX/9DBF
3pDadugQnNoHOXYMfGI81WbUeTkrUILntMIJzMBs8+8ZrgjiZrqUPa8OuzHXuQQE
GAp7GZhLS0NYcCKKMtNxXJePjTqa4TNRvnlVairaHyeG56++kK7R4rpgTtbbynFZ
q8Tsa/lskR2vJM/PZv98/l4y+c1PgAbeTkIVCiyp5QzkoBBQEitisAPNrl5pmOSg
nWpq/smMpKlo+Dp3KDn+vfwgxTGKrUJEtr6gS7vVqG+OHzjYy3lXlJGD9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC44RbkfsAXhIL22Fhgk7SjfL58aMB8GA1UdIwQY
MBaAFNmyKBHfhhI9ca9bmYohDCPrHV76MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmJJb0VkLUdFajF4cjF1WmlpRU1JLXNkWHZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8zZjBjMjktZjExMi00ZDBhLWJjMjQt
NjZjZDU1ZmVlM2Y5LzEvMmJJb0VkLUdFajF4cjF1WmlpRU1JLXNkWHZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC8zZjBjMjktZjExMi00ZDBhLWJjMjQtNjZjZDU1ZmVlM2Y5
LzEvMmJJb0VkLUdFajF4cjF1WmlpRU1JLXNkWHZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADGzBCjDk
gqz0khT3eh7tM+6LIHwfPZU8BTszHuM8aBjlZe0DEaVMt/ylSZAv3LFbNpErIDox
9ORNXvQEGyo0hE6Bki2QPTjXaN9MwIvwEiwnIcqnNZ5tUftKLiXZ9KKC7zMmNT/q
HGjy3fkKsqbRJE2HYbcgbcePHeWbDqb/Us1ZILciYppOpq+a7hZqTn8hf9IFzY6b
w7KEkXyzOoT4F2fAxv8e4N3B5e1gaGohGQOn6DrB1KjCnSghgfJ2VDU8PymG1dLL
n6ofPKwIbXX1Ujl36Cr45usM+iKIyfYFzdoctm92NAnC01Z7TT0+Lja1qjbMg5Fi
f3+vE1+lcmAkeA==
-----END CERTIFICATE-----